ASP Sessions Being Cleared/Modified

Christian Palacios
Christian Palacios used Ask the Experts™
on
Hi there,

I have a website using classic ASP and it currently uses a lot of session variables to keep track of what is being done on several pages.  At one point, I redirect my website to PayPal to process a payment and then get PayPal to redirect back to my website.  For some reason though, it appears that the session variables get cleared/modified when the redirection to my website occurs.  Is there any reason for this?  I need to ensure these variables stay in place in the browser until the user either logs out of my website or closes the browser.  Any suggestions??

Thank you,
- Christian
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Dave BaldwinFixer of Problems
Most Valuable Expert 2014

Commented:
Are you using 'https' for the pages both before and after connecting to Paypal?
Christian PalaciosSenior IT Systems Administrator

Author

Commented:
No, my website doesn't use HTTPS.  Is that clearing my sessions?
Fixer of Problems
Most Valuable Expert 2014
Commented:
Switching from 'http' to 'https' can have side effects like that.  Browsers don't carry the session data, only the cookie that identifies the session.  I would look at the cookies before and after the Paypal pages to see if they are changing.
Christian PalaciosSenior IT Systems Administrator

Author

Commented:
Thank you.  I understand you have to enable cookies in your browser first.  Do all browsers have cookies turned off by default?  Do you have a way to check if a browser's cookies are disabled so I can check that?

Thanks!!
Scott FellDeveloper & EE Moderator
Fellow 2018
Most Valuable Expert 2013
Commented:
Change your session variables to cookies and that will solve this issue and others.  Sessions in asp are in memory.  If RAM max's out, the worker process crashes and resets sessions.  If you set cookies, your app will be more stable as far as being able to track a person when they leave and come back.

I have an article on using cookies for log in, then tracking those cookies in your database.  This opens up the doors to a lot more possibility.  https://www.experts-exchange.com/articles/18259/User-Log-In-Using-A-Token.html

It should be very easy to move from session http://www.w3schools.com/asp/asp_sessions.asp to cookies http://www.w3schools.com/asp/asp_cookies.asp.   You only need to change session("something") = "abc" to response.cookies("something")="abc" to set and to get change  var1 = session("something") to var1 = request.cookies("something")
Christian PalaciosSenior IT Systems Administrator

Author

Commented:
Thank you for your help!  Switching to cookies solved my problem!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial